[
https://issues.apache.org/jira/browse/SLING-3899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14138929#comment-14138929
]
Marius Petria commented on SLING-3899:
--------------------------------------
The first option (using service users to authorize access to content) is
tracked in SLING-3953. We should evaluate more if introducing a
ResourceResolver all over the APIs can bring any advantages.
> Access content for replication on behalf of the user that triggered the
> replication
> -----------------------------------------------------------------------------------
>
> Key: SLING-3899
> URL: https://issues.apache.org/jira/browse/SLING-3899
> Project: Sling
> Issue Type: Improvement
> Components: Replication
> Reporter: Marius Petria
>
> Currently the content is accessed via an administrative session. We need to
> pass a ResourceResolver via all APIs to ensure that the content is accessed
> only be users that have the right.
> For rule triggered requests the actions should be done on the behalf of a
> replication-service-user.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
